Hi Chris,
thanks for the patch, I will do the upload myself.
Thorsten
Hi Daniel,
On 19.03.24 00:27, Daniel Leidert wrote:
pdns-recursor_4.1.11-1+deb10u2_amd64.deb: Built-Using refers to
non-existing source package publicsuffix (= 20220811.1734-0+deb10u1)
if this is the only missing package, the upload should work now.
Unfortunately all remains of that upload
Hi Jonathan,
On 12.05.24 13:13, Jonathan Wiltshire wrote:
Please go ahead.
great, thanks ...
... and done.
Thorsten
Hi Petter,
thanks a lot for this patch, the Appstream stuff is like a book of seven
seals for me.
On Thu, 9 May 2024, Petter Reinholdtsen wrote:
+
+ com.github.indilib.indi-3rdparty
There are lots of drivers in this repository, distributed over several
packages. Shouldn't there be a
buffer overflow in QDnsLookup
+
+ -- Thorsten Alteholz Sun, 28 Apr 2024 22:48:02 +0200
+
qtbase-opensource-src (5.15.2+dfsg-9) unstable; urgency=medium
* Revert adding fix-misplacement-of-placeholder-text-in-QLineEdit.diff.
diff -Nru qtbase-opensource-src-5.15.2+dfsg/debian/patches/CVE-2022
-51714 (Closes: #1060694)
+fix incorrect HPack integer overflow check.
+
+ -- Thorsten Alteholz Sun, 28 Apr 2024 20:48:02 +0200
+
qtbase-opensource-src (5.15.8+dfsg-11+deb12u1) bookworm; urgency=medium
[ Alexander Volkov ]
diff -Nru qtbase-opensource-src-5.15.8+dfsg/debian/patches/CVE-2023
Package: ftp.debian.org
Severity: normal
Control: affects -1 + src:gutenprint
Unfortunately this software no longer runs on 32bit architectures. The time to
fix this is better spent on other things.
Thorsten
Hi Jonathan,
On 22.04.24 19:10, Jonathan Wiltshire wrote:
Please go ahead.
great, thanks ...
... and uploaded.
Thorsten
Hi Jonathan,
On 22.04.24 18:59, Jonathan Wiltshire wrote:
Please go ahead.
great, thanks ...
... and uploaded.
Thorsten
Hi Chris,
thanks for preparing the upload.
From my point of view the change in debian/NEWS is not correct. If at
all there could have been a new entry for this upload, but I don't think
this change is that important to explicitly inform all users.
Anyway, I just uploaded 20200505dfsg0-3 now
Package: cups-browsed
Hi Mike,
unfortunately this is a feature and not a bug.
As cups-browsed only Recommends: avahi-daemon, it might not be installed
and you can not require to wait for its start. As far as I know systemd
has some kind of timeout and the system will still boot when
Package: ftp.debian.org
Severity: normal
Control: affects -1 + src:libosmo-netif
Unfortunately this software no longer runs on 32bit architectures. The time to
fix this is better spent on other things.
Thorsten
Package: ftp.debian.org
Severity: normal
Control: affects -1 + src:osmo-mgw
Unfortunately this software no longer runs on 32bit architectures. The time to
fix this is better spent on other things.
Thorsten
Package: ftp.debian.org
Severity: normal
Control: affects -1 + src:osmo-bsc
Unfortunately this software no longer runs on 32bit architectures. The time to
fix this is better spent on other things.
Thorsten
Package: ftp.debian.org
Severity: normal
Control: affects -1 + src:osmo-iuh
Unfortunately this software no longer runs on 32bit architectures. The time to
fix this is better spent on other things.
Thorsten
Package: ftp.debian.org
Severity: normal
Control: affects -1 + src:osmo-msc
Unfortunately this software no longer runs on 32bit architectures. The time to
fix this is better spent on other things.
Thorsten
Package: ftp.debian.org
Severity: normal
Control: affects -1 + src:osmo-sgsn
Unfortunately this software no longer runs on 32bit architectures. The time to
fix this is better spent on other things.
Thorsten
Package: ftp.debian.org
Severity: normal
Control: affects -1 + src:osmo-hlr
Unfortunately this software no longer runs on 32bit architectures. The time to
fix this is better spent on other things.
Thorsten
Package: ftp.debian.org
Severity: normal
Control: affects -1 + src:libosmo-sccp
Unfortunately this software no longer runs on 32bit architectures. The time to
fix this is better spent on other things.
Thorsten
Package: ftp.debian.org
Severity: normal
Control: affects -1 + src:osmo-pcu
Unfortunately this software no longer runs on 32bit architectures. The time to
fix this is better spent on other things.
Thorsten
Control: severity -1 normal
Control: forwarded -1 https://github.com/alonbl/gnupg-pkcs11-scd/issues/61
I can reproduce this bug with my card reader and I forwarded the bug
upstream -> https://github.com/alonbl/gnupg-pkcs11-scd/issues/61
As this is just a cosmectic bug, I reduce severity again
On Mon, 8 Apr 2024, Andreas Beckmann wrote:
The python3.10 removal accidentally caused the removal of 'and', too, most
likely because of the non-standard subject line that got misparsed.
(Hint: Using reportbug would have helped to get that formatted correctly.)
oh, thanks for catching this
Control: tags -1 + moreinfo
Hi Sebastian,
there is a reverse dependency that needs to be taken care of:
Checking reverse dependencies...
# Broken Depends:
libauthen-krb5-admin-perl: libauthen-krb5-admin-perl
In case they matter, this needs to be addressed first. Please remove the
moreinfo
Control: tags -1 + moreinfo
Hi Helmut,
there are reverse dependencies that need to be taken care of:
Checking reverse dependencies...
# Broken Depends:
flatpak: flatpak
gnome-remote-desktop: gnome-remote-desktop
# Broken Build-Depends:
flatpak: fuse3
libfuse3-dev (3.1.1 >=)
Control: tags -1 + moreinfo
Hi ,
there are some reverse dependencies that need to be taken care of:
Checking reverse dependencies...
# Broken Build-Depends:
adios: cython3-legacy
astra-toolbox/contrib: cython3-legacy
atropos: cython3-legacy
azure-uamqp-python: cython3-legacy
basemap:
Control: tags -1 + moreinfo
Hi Thomas,
there are reverse dependencies that need to be taken care of:
Checking reverse dependencies...
# Broken Depends:
ceph: ceph-mgr-cephadm
ceph-mgr-dashboard
ceph-mgr-k8sevents
ceph-mgr-rook
ceph-resource-agents
cephfs-shell
Control: tags -1 + moreinfo
Hi Thomas,
there are reverse dependencies that need to be taken care of:
Checking reverse dependencies...
# Broken Depends:
sahara-plugin-spark: python3-sahara-plugin-spark
sahara-plugin-vanilla: python3-sahara-plugin-vanilla
# Broken Build-Depends:
Control: tags -1 + moreinfo
Hi Drew,
there are reverse dependencies that need to be taken care of:
Checking reverse dependencies...
# Broken Depends:
python-emmet-core: python3-emmet-core
python-mp-api: python3-mp-api
# Broken Build-Depends:
custodian: python3-pymatgen
python-emmet-core:
Control: tags -1 + moreinfo
Hi,
there are reverse dependencies that need to be taken care of:
Checking reverse dependencies...
# Broken Depends:
baresip: baresip-x11
# Broken Build-Depends:
baresip: libomxil-bellagio-dev
kodi: libomxil-bellagio-dev
vlc: libomxil-bellagio-dev
In case they
, which
+might cause a DoS (Denial of Service)
+
+ -- Thorsten Alteholz Sat, 23 Mar 2024 12:03:02 +0100
+
libmicrohttpd (0.9.72-2) sid; urgency=medium
* Uploading to sid.
diff -Nru libmicrohttpd-0.9.72/debian/patches/CVE-2023-27371.patch
libmicrohttpd-0.9.72/debian/patches/CVE-2023-27371
Hi Helmut,
is there a reason you closed that bug?
Thorsten
Package: ftp.debian.org
Severity: normal
When trying to fix #1066195, the corresponding patch grew more and more.
I no longer wonder why C got such a bad reputation when this was valid
code 30 years ago. From my point of view this code needs an entire rework.
As I long time ago stopped
Control: tags -1 + moreinfo
Hi Alexandre,
this seems to be a major task, so I am tagging with moreinfo again. Just
for information this is the current list of reverse dependencies:
Checking reverse dependencies...
# Broken Depends:
dioptas: dioptas [amd64]
flask-autoindex:
Control: tags -1 + moreinfo
Hi Andreas et al,
there are still reverse dependencies that need to be taken care of:
Checking reverse dependencies...
# Broken Depends:
emboss: jemboss
emboss-explorer: emboss-explorer
# Broken Build-Depends:
bioperl-run: emboss
embassy-domainatrix: emboss-lib
Control: tags -1 + moreinfo
Hi Andreas,
please file one RM bug for each package that needs to be partially
removed. This needs to be done even for dependencies of dependencies.
Please remove the moreinfo tag once that is done.
Thorsten
On Sun, 25 Feb 2024, Jonathan Wiltshire wrote:
Please go ahead.
great, thanks ...
... and uploaded.
Thorsten
Control: tags -1 + moreinfo
Hi Marcos,
there is a reverse dependency that needs to be taken care of:
Checking reverse dependencies...
# Broken Depends:
ganglia-modules-linux: ganglia-modules-linux
# Broken Build-Depends:
ganglia-modules-linux: libganglia1-dev
In case they matter, this
Control: tags -1 + moreinfo
Hi Georges,
there are reverse dependencies that need to be taken care of:
Checking reverse dependencies...
# Broken Build-Depends:
dygraphs: jsdoc-toolkit
emperor: jsdoc-toolkit
Dependency problem found.
In case they matter, this needs to be addressed first.
+
+ * CVE-2024-25189 (Closes: #1063534)
+fix a timing side channel via strcmp()
+
+ -- Thorsten Alteholz Mon, 19 Feb 2024 22:03:02 +0100
+
libjwt (1.10.2-1) unstable; urgency=medium
* New upstream release
diff -Nru libjwt-1.10.2/debian/libjwt0.symbols
libjwt-1.10.2/debian/libjwt0
+
+ * CVE-2024-25189 (Closes: #1063534)
+fix a timing side channel via strcmp()
+
+ -- Thorsten Alteholz Tue, 20 Feb 2024 23:03:02 +0100
+
libjwt (1.10.2-1) unstable; urgency=medium
* New upstream release
diff -Nru libjwt-1.10.2/debian/libjwt0.symbols
libjwt-1.10.2/debian/libjwt0
Hi Moritz,
thanks for the bug. Upstream knows about the issue and already fixed it
[1] + [2].
Thorsten
[1]
https://github.com/benmcollins/libjwt/commit/f73bac57c5bece16ac24f1a70022aa34355fc1bf
[2]
https://github.com/benmcollins/libjwt/commit/a5d61ef4f1b383876e0a78534383f38159471fd6
Control: tags -1 + moreinfo
Hi Andreas,
please remove the moreinfo tag again after all reverse dependencies have
been handled.
Thorsten
On 29.01.24 23:02, Adam D. Barratt wrote:
Please go ahead.
great, thanks ...
... and done.
Thorsten
On 01.02.24 07:37, Adam D. Barratt wrote:
Please go ahead.
great, thanks ...
... and done.
Thorsten
On 17.01.24 23:52, IOhannes m zmölnig (Debian/GNU) wrote:
what is required from my side?
do i need to contact the maintainers of these packages to coordinate?
someone needs to file the RM-bugs (please one bug for each package). It
would be best if the maintainer is involved in this or at
Control: tags -1 + moreinfo
Hi Andreas,
there is a reverse dependency that needs to be taken care of:
Checking reverse dependencies...
# Broken Depends:
qcumber: qcumber
In case they matter, this needs to be addressed first. Please remove the
moreinfo tag once that is done.
Thorsten
Control: tags -1 + moreinfo
Hi Alexandre,
there is a reverse dependency that needs to be taken care of:
Checking reverse dependencies...
# Broken Build-Depends:
commando: python3-fswrap
In case they matter, this needs to be addressed first. Please remove the
moreinfo tag once that is done.
Control: tags -1 + moreinfo
Hi Anton,
there are reverse dependencies that need to be taken care of:
Checking reverse dependencies...
# Broken Depends:
ceph: ceph-common
ceph-mgr
ceph-mon
ceph-osd
librados-dev
librados2
librgw2
radosgw
dogecoin:
Control: tags -1 + moreinfo
Hi IOhannes,
there are reverse dependencies that need to be taken care of:
Checking reverse dependencies...
# Broken Depends:
obs-3d-effect: obs-3d-effect
obs-advanced-scene-switcher: obs-advanced-scene-switcher
obs-ashmanix-blur-filter: obs-ashmanix-blur-filter
Control: tags -1 + moreinfo
Hi Anton,
there are reverse dependencies that needs to be taken care of:
Checking reverse dependencies...
# Broken Build-Depends:
pbcopper: libboost1.81-dev
r-cran-openmx: libboost-system1.81-dev
In case they matter, this needs to be addressed first. Please remove
in derive_combined_bipredictive_merging_candidates()
+ * CVE-2023-49468
+global buffer overflow in read_coding_unit()
+
+ -- Thorsten Alteholz Fri, 29 Dec 2023 23:03:02 +0100
+
libde265 (1.0.11-1+deb12u1) bookworm; urgency=medium
* Non-maintainer upload by the LTS Team.
diff -Nru libde265-1.0.11/debian/patches/CVE
in derive_combined_bipredictive_merging_candidates()
+ * CVE-2023-49468
+global buffer overflow in read_coding_unit()
+
+ -- Thorsten Alteholz Fri, 29 Dec 2023 23:03:02 +0100
+
libde265 (1.0.11-0+deb11u2) bullseye; urgency=high
* Non-maintainer upload by the LTS Team.
diff -Nru libde265-1.0.11/debian/patches/CVE-2023
Control: tags -1 + moreinfo
Hi Andreas,
there is a reverse dependency that needs to be taken care of:
Checking reverse dependencies...
# Broken Build-Depends:
libpod: golang-github-docker-go-plugins-helpers-dev
In case it matters, this needs to be addressed first. Please remove the
On Tue, 19 Dec 2023, Jonathan Wiltshire wrote:
Please go ahead.
great, thanks ...
... and uploaded.
Thorsten
On Tue, 19 Dec 2023, Jonathan Wiltshire wrote:
Please go ahead.
great, thanks ...
... and uploaded.
Thorsten
Control: tags -1 + moreinfo
Hi Matthias,
there is a reverse dependency that needs to be taken care of:
Checking reverse dependencies...
# Broken Depends:
python3.10: libpython3.10-dbg
libpython3.10-stdlib
# Broken Build-Depends:
python3.10: libmpdec-dev (2.5.1~ >=)
In case they
Control: tags -1 + moreinfo
Hi Sylvestre,
there are reverse dependencies that need to be taken care of:
Checking reverse dependencies...
# Broken Depends:
aflplusplus: afl++
bpftrace: bpftrace [amd64 arm64 armhf ppc64el s390x]
castxml: castxml [mips64el]
clazy: clazy [amd64 arm64 armel armhf
Control: tags -1 + moreinfo
Hi David,
there are reverse dependencies that need to be taken care of:
Checking reverse dependencies...
# Broken Depends:
forensics-extra: forensics-extra
# Broken Build-Depends:
libz-mingw-w64: pev
In case they matter, this needs to be addressed first. Please
Hi Ian,
On Thu, 21 Dec 2023, Ian Jackson wrote:
I have just become aware of #1058701 via the automated email that
resulted from the removal of pm-utils.
this is sad. The RM bug appeared on the tracker page of the package, in
your packages overview, on the ftpmaster removals page (or on the
Control: tags -1 + moreinfo
Hi Luca,
there are reverse dependencies that need to be taken care of:
Checking reverse dependencies...
# Broken Build-Depends:
collectd: libdpdk-dev
openvswitch: libdpdk-dev (22.11.3-2~ >=)
uhd: libdpdk-dev (20 >=)
In case they matter, this needs to be addressed
Control: tags -1 + moreinfo
Hi Noah,
there are reverse dependencies that need to be taken care of:
Checking reverse dependencies...
# Broken Depends:
debian-cloud-images: debian-cloud-images-packages [amd64 arm64]
heat-cfntools: heat-cfntools
toil: toil
# Broken Build-Depends:
heat-cfntools:
Control: tags -1 + moreinfo
Hi Ilias,
there are reverse dependencies that need to be taken care of.
Please file for each package a different RM bug.
Please remove the moreinfo tag once that is done.
Thorsten
Hi Charles,
On 07.12.23 12:17, Charles Plessy wrote:
I just submitted bugs against courier and jool. Can I ask you to fix
node-mime-types? You are Uploader of it…
oh, my last upload was years ago. But I will try to fix it this weekend ...
Looking at the source code, it seems that
Hi Chris,
thanks a lot for the debdiff.
On 03.12.23 15:37, Chris Hofstaedtler wrote:
Please feel free to tell me if I should delay it longer.
yes, please let me do the upload by myself. I would like to do it this
weekend.
Thorsten
On Sat, 2 Dec 2023, Adam D. Barratt wrote:
Please go ahead.
Great, thanks ...
... and uploaded
Thorsten
On Sat, 2 Dec 2023, Adam D. Barratt wrote:
Please go ahead.
Great, thanks ...
... and uploaded
Thorsten
On Sat, 2 Dec 2023, Adam D. Barratt wrote:
Please go ahead.
Great, thanks ...
... and uploaded
Thorsten
Control: tags -1 + moreinfo
Hi MigueL,
there are reverse dependencies that need to be taken care of:
Checking reverse dependencies...
# Broken Depends:
db2twitter: db2twitter
retweet: retweet
twitterwatch: twitterwatch
# Broken Build-Depends:
retweet: python3-tweepy
In case they matter,
To: 1057...@bugs.debian.org
Subject: reverse dependencies
Control: tags -1 + moreinfo
Hi Sebastian,
there are reverse dependencies that need to be taken care of:
Checking reverse dependencies...
# Broken Depends:
debian-design: design-desktop-animation
ogre-1.9: blender-ogrexml-1.9
# Broken
Control: tags -1 + moreinfo
Hi Matthias,
there are reverse dependencies that need to be taken care of:
Checking reverse dependencies...
# Broken Build-Depends:
gcc-9-cross: autoconf2.64
gcc-9-cross-mipsen: autoconf2.64
gcc-9-cross-ports: autoconf2.64
In case they matter, this needs to be
Control: tags -1 + moreinfo
Hi Andreas,
there are reverse dependencies that need to be taken care of:
Checking reverse dependencies...
# Broken Depends:
r-bioc-hdf5array: r-bioc-hdf5array
r-bioc-rhdf5: r-bioc-rhdf5
# Broken Build-Depends:
r-bioc-hdf5array: r-bioc-rhdf5filters
r-bioc-rhdf5:
Control: tags -1 + moreinfo
Hi Chris,
there are reverse dependencies that need to be taken care of:
Checking reverse dependencies...
# Broken Depends:
netpipe: netpipe-pvm
slpvm: slang-pvm
tablix2: tablix2
# Broken Build-Depends:
netpipe: pvm-dev
slpvm: pvm-dev
tablix2: pvm-dev
In case they
Control: tags -1 + moreinfo
Hi Stéphane,
there are reverse dependencies that need to be taken care of:
Checking reverse dependencies...
# Broken Build-Depends:
ocaml-cstruct: libmigrate-parsetree-ocaml-dev
ocaml-odoc: libmigrate-parsetree-ocaml-dev
ppx-import: libmigrate-parsetree-ocaml-dev
Control: tags -1 + moreinfo
Hi Chris,
there is a reverse dependency that needs to be taken care of:
Checking reverse dependencies...
# Broken Depends:
dhis-mx-sendmail-engine: dhis-mx-sendmail-engine
In case they matter, this needs to be addressed first. Please remove the
moreinfo tag once
Control: tags -1 + moreinfo
Hi Jeremy,
there are reverse dependencies that need to be taken care of:
Checking reverse dependencies...
# Broken Depends:
rust-ansi-parser: librust-ansi-parser-dev
# Broken Build-Depends:
rust-ansi-parser: librust-nom-4+std-dev
librust-nom-4-dev
Control: tags -1 + moreinfo
Hi Bastian,
there are reverse dependencies that need to be taken care of:
Checking reverse dependencies...
# Broken Depends:
newtonsoft-json: nupkg-newtonsoft.json.6.0.8
nunit: nupkg-nunit.2.6.4
nupkg-nunit.mocks.2.6.4
nupkg-nunit.runners.2.6.4
In
Control: tags -1 + moreinfo
Hi Bastian,
there are reverse dependencies that need to be taken care of:
Checking reverse dependencies...
# Broken Depends:
mono-tools: mono-profiler
mono-tools-gui
In case they matter, this needs to be addressed first. Please remove the
moreinfo tag
Control: tags -1 + moreinfo
Hi Charles,
there are reverse dependencies that need to be taken care of:
Checking reverse dependencies...
# Broken Build-Depends:
courier: mime-support
jool: mime-support
node-mime-types: mime-support
In case they matter, this needs to be addressed first. Please
)
+(Thanks a lot to Till Kamppeter for the patches)
+
+ -- Thorsten Alteholz Fri, 01 Dec 2023 20:35:27 +0100
+
cups (2.4.2-3+deb12u4) bookworm; urgency=medium
* remove debian/NEWS again to avoid too much information when only
diff -Nru cups-2.4.2/debian/patches/0017-check-colormodel-also
in the slice_segment_header function
+
+ -- Thorsten Alteholz Sun, 26 Nov 2023 13:03:02 +0100
+
libde265 (1.0.11-1) unstable; urgency=medium
[ Tobias Frost ]
diff -Nru libde265-1.0.11/debian/patches/CVE-2023-27102.patch
libde265-1.0.11/debian/patches/CVE-2023-27102.patch
--- libde265-1.0.11/debian
in the slice_segment_header function
+
+ -- Thorsten Alteholz Sun, 26 Nov 2023 13:03:02 +0100
+
libde265 (1.0.11-0+deb11u1) bullseye-security; urgency=high
* Non-maintainer upload by the Security Team.
diff -Nru libde265-1.0.11/debian/patches/CVE-2023-27102.patch
libde265-1.0.11/debian/patches/CVE
/changelog2023-11-25 13:03:02.0 +0100
@@ -1,3 +1,11 @@
+minizip (1.1-8+deb12u1) bookworm; urgency=high
+
+ * Non-maintainer upload by the LTS Team.
+ * CVE-2023-45853 (Closes: #1056719)
+Reject overflows of zip header fields in minizip.
+
+ -- Thorsten Alteholz Sat, 25 Nov 2023
(1.1-8+deb11u1) bullseye; urgency=high
+
+ * Non-maintainer upload by the LTS Team.
+ * CVE-2023-45853 (Closes: #1056719)
+Reject overflows of zip header fields in minizip.
+
+ -- Thorsten Alteholz Sat, 25 Nov 2023 13:03:02 +0100
+
minizip (1.1-8) unstable; urgency=medium
* Fix
On 08.11.23 15:27, Debian wrote:
Nov 08 14:24:04 PC audit[9568]: AVC apparmor="DENIED"
operation="chown" profile="/usr/sbin/cupsd"
name="/srv/ssd1/var/spool/cups/" pid=95>
Nov 08 14:24:04 PC audit[9568]: AVC apparmor="DENIED"
operation="mkdir" profile="/usr/sbin/cupsd"
On 07.11.23 17:55, Debian wrote:
Is it possible to get somewhere the packages before the upgrade?
https://snapshot.debian.org/ might help you.
Hi Steve,
On 26.10.23 05:23, Steven Robbins wrote:
On Monday, October 23, 2023 1:00:09 P.M. CDT Thorsten Alteholz wrote:
Hi,
please ask upstream to add all licenses of embedded stuff like
./sources/plugins/shared/hidapi
Could you expand on this request? Each file notes "At the discr
Package: josm
Version: 0.0.svn18646dfsg-1
Severity: serious
User: alteh...@debian.org
Usertags: license
thanks
Hi,
unfortunately your package contains files with license: CC-BY-2.5
src/javax/annotation/*
As you can see on [1] this license is not compatible with DFSG, so please
remove the
Package: anki
Version: 2.1.8dfsg-1
Severity: serious
User: alteh...@debian.org
Usertags: license
thanks
Hi,
unfortunately your package contains a file with license: CC-BY-2.5
debian/browsersel.py
As you can see on [1] this license is not compatible with DFSG, so please
remove the file or
Package: libhtmlcleaner-java
Version: 2.21-5
Severity: serious
User: alteh...@debian.org
Usertags: license
thanks
Hi,
unfortunately your package contains a file with license: CC-BY-SA-2.0-uk
src/test/resources/test23.html
As you can see on [1] this license is not compatible with DFSG, so
Package: retroarch-assets
Version: 1.7.6git20221024dfsg-3
Severity: serious
User: alteh...@debian.org
Usertags: license
thanks
Hi,
unfortunately your package contains files with license: CC-BY-2.0
rgui/wallpaper/mystery_blocks*
As you can see on [1] this license is not compatible with
+1,11 @@
+cups (2.4.2-3+deb12u4) bookworm; urgency=medium
+
+ * remove debian/NEWS again to avoid too much information when only
+the client part is installed
+ * fix typo in config filename
+
+ -- Thorsten Alteholz Thu, 05 Oct 2023 16:35:27 +0200
+
cups (2.4.2-3+deb12u3) bookworm; urgency
+0200
@@ -1,3 +1,11 @@
+cups (2.3.3op2-3+deb11u6) bullseye; urgency=medium
+
+ * remove debian/NEWS again to avoid too much information when only
+the client part is installed
+ * fix typo in config filename
+
+ -- Thorsten Alteholz Thu, 05 Oct 2023 16:35:27 +0200
+
cups (2.3.3op2-3+deb11u5
Hi Christian,
On 30.09.23 19:02, Christian T. Steigies wrote:
I did not find this file (because I don't have a full install), but I think
the filename should be cupsd.conf instead of cupds.conf.
oops, thanks for telling. You are right, the correct name would have
been cupsd.conf
Thorsten
On Fri, 29 Sep 2023, Adam D. Barratt wrote:
I should have spotted this before (particularly as we recently had the
same issue with another package) but debian/NEWS.Debian should simply
be debian/NEWS. dh_installchangelogs then renames it to NEWS.Debian in
the binary package.
ok, uploaded, I
On Fri, 29 Sep 2023, Adam D. Barratt wrote:
I should have spotted this before (particularly as we recently had the
same issue with another package) but debian/NEWS.Debian should simply
be debian/NEWS. dh_installchangelogs then renames it to NEWS.Debian in
the binary package.
ok, uploaded, I
On 27.09.23 20:33, Adam D. Barratt wrote:
Thanks; please go ahead.
great, thanks, ...
... and uploaded.
Thorsten
On 27.09.23 20:32, Adam D. Barratt wrote:
Please go ahead.
great, thanks, ...
... and uploaded.
Thorsten
+ * CVE-2023-32360 (Closes: #1051953)
+authentication issue
+
+ -- Thorsten Alteholz Tue, 19 Sep 2023 21:20:27 +0200
+
cups (2.3.3op2-3+deb11u3) bullseye; urgency=medium
* CVE-2023-34241 (Closes: #1038885)
diff -Nru cups-2.3.3op2/debian/cups-daemon.NEWS
cups-2.3.3op2/debian/cups
21:20:27.0 +0200
@@ -1,3 +1,12 @@
+cups (2.4.2-3+deb12u2) bookworm; urgency=medium
+
+ * CVE-2023-4504
+Postscript parsing heap-based buffer overflow
+ * CVE-2023-32360 (Closes: #1051953)
+authentication issue
+
+ -- Thorsten Alteholz Tue, 19 Sep 2023 21:20:27 +0200
+
cups
+0200
@@ -1,3 +1,12 @@
+cups (2.3.3op2-3+deb11u4) bullseye; urgency=medium
+
+ * CVE-2023-4504
+Postscript parsing heap-based buffer overflow
+ * CVE-2023-32360 (Closes: #1051953)
+authentication issue
+
+ -- Thorsten Alteholz Tue, 19 Sep 2023 21:20:27 +0200
+
cups (2.3.3op2-3+deb11u3
1 - 100 of 849 matches
Mail list logo